github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-27 13:37:30 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #105396 from liggitt/csr-test

Browse Source 
Fix CSR test to accept certs shorter than the requested duration
This commit is contained in:
Kubernetes Prow Robot 2021-10-01 09:45:34 -07:00 committed by GitHub
commit 6044cdbb31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
test/e2e/auth/certificates.go
View File

@ -166,7 +166,10 @@ var _ = SIGDescribe("Certificates API [Privileged:ClusterAdmin]", func() {
framework.ExpectNoError(err)
framework.ExpectEqual(len(certs), 1, "expected a single cert, got %#v", certs)
cert := certs[0]
framework.ExpectEqual(cert.NotAfter.Sub(cert.NotBefore), time.Hour+5*time.Minute, "unexpected cert duration: %s", dynamiccertificates.GetHumanCertDetail(cert))
// make sure the cert is not valid for longer than our requested time (plus allowance for backdating)
if e, a := time.Hour+5*time.Minute, cert.NotAfter.Sub(cert.NotBefore); a > e {
framework.Failf("expected cert valid for %s or less, got %s: %s", e, a, dynamiccertificates.GetHumanCertDetail(cert))
}
newClient, err := certificatesclient.NewForConfig(rcfg)
framework.ExpectNoError(err)